HP StorageWorks XP Command View Advanced Edition Common Component Security Guide Description and Operator's Guide (T1780-96308, July 2009)

Overview of Security Setup and Operation
1-3-4 Network Management
The communication path between an internal network and an external network must be protected
from threats. The following are the requirements for network management.
- The firewall installed between an internal network and external networks must be set up
  correctly and must operate correctly.
- The network must be monitored regularly, about once a year, to make sure there is no
  unauthorized traffic.
- Networks connecting management servers to storage management client terminals must be
  able to preserve the confidentiality and integrity of the data. To protect the network, employ
  appropriate measures such as using SSL for communication between a management server
  and a storage management client terminal, or installing a storage management client terminal
  inside the center. Another possibility is to use an exclusive line to connect a management
  server and a storage management client terminal. Once these measures are in place, the
  necessary devices can be installed, after which they must be set up correctly so that they
  operate correctly.

1-3-5 Management of User Authentication Information
Only the three types of administrators - system creators, account administrators, and storage
administrators - can access the management server on which HP StorageWorks XP Command
View Advanced Edition Common Component is installed. To prevent break-ins, the administrators
must manage the authentication information appropriately. More specifically, an administrator must
not do anything that allows the password for a user ID to become known to anyone else, or that
allows the authentication information for the other administrators to become known to a third party.
Registering and caching authentication information in the browser are also prohibited. An
administrator must specify a password that is not easily broken and change it at an appropriate
frequency.
Listed below are the minimum requirements for the HP StorageWorks XP Command View
Advanced Edition Common Component security parameters for secure operation of the system. The
account administrator must specify security parameters of HP StorageWorks XP Command View
Advanced Edition that satisfy the minimum requirements.
- “Minimum number” of characters in a password policy: 6
- “Minimum required number of upper-case letters in a password”: 0
- “Minimum required number of lower-case letters in a password”: 0
- “Minimum required number of numeric characters in a password”: 0
- “Minimum required number of symbols in a password”: 0
- “Specifying the same password as the user ID”: permit
- “Threshold of successive login failures for locking an account”: 3
In order to satisfy the minimum requirements, the account administrator must specify a password
that satisfies (that is, is the same as, or more than) the numbers in the first five of the above
requirements.
For “Specifying the same password as the user ID”, the account administrator can specify “permit”
or “not permit”. For “Threshold of successive login failures for locking the account”, the account
administrator must specify and operate the system using a number that is the same as or less than
the number given above.
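The following added example (not part of the HP guide or product) audits a set of configured values against the minimum requirements listed above. The dictionary keys follow the parameter names in that list; exporting the settings as a plain dictionary, and treating a lockout threshold below 1 as "lockout disabled", are assumptions.

```python
# Added example: audit configured security parameters against the guide's minimums.
# Rule per parameter: "at_least" = value must be >= baseline (first five items),
# "at_most" = value must be <= baseline (lockout threshold),
# "one_of"  = any listed setting is acceptable.
THRESHOLD = "Threshold of successive login failures for locking an account"
BASELINE = {
    "Minimum number": (6, "at_least"),
    "Minimum required number of upper-case letters in a password": (0, "at_least"),
    "Minimum required number of lower-case letters in a password": (0, "at_least"),
    "Minimum required number of numeric characters in a password": (0, "at_least"),
    "Minimum required number of symbols in a password": (0, "at_least"),
    "Specifying the same password as the user ID": (("permit", "not permit"), "one_of"),
    THRESHOLD: (3, "at_most"),
}


def audit_policy(configured):
    """Return a list of findings; an empty list means the minimums are met."""
    findings = []
    for name, (required, rule) in BASELINE.items():
        if name not in configured:
            findings.append(f"{name}: not set")
            continue
        value = configured[name]
        if rule == "one_of":
            ok = value in required
        elif isinstance(value, bool) or not isinstance(value, int):
            ok = False  # numeric parameters must be plain integers
        elif rule == "at_least":
            ok = value >= required
        else:
            # Assumption: a threshold below 1 would mean accounts never lock.
            ok = 1 <= value <= required
        if not ok:
            findings.append(f"{name}: {value!r} fails rule {rule} {required!r}")
    return findings


# Constructed sample settings: one at the baseline, one with three problems.
SAMPLE_OK = {n: (r if rule != "one_of" else "not permit")
             for n, (r, rule) in BASELINE.items()}
SAMPLE_BAD = {**SAMPLE_OK, "Minimum number": 5, THRESHOLD: 5}
SAMPLE_BAD.pop("Minimum required number of symbols in a password")

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_BAD):
        print(finding)
```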
In addition, the system creator password (specified by the system creator) must satisfy all the
following requirements:
- The password must contain a minimum of nine characters. (More than nine characters are
  allowed.)
- The password must contain one or more alphabetic characters.